public void GenerateKeyPairTest()
{
NSError error;
SecKey private_key;
SecKey public_key;
var att = new SecPublicPrivateKeyAttrs();
att.Label = $"{CFBundle.GetMain ().Identifier}-{GetType ().FullName}-{Process.GetCurrentProcess ().Id}";
att.IsPermanent = false;
att.ApplicationTag = new NSData();
att.EffectiveKeySize = 1024;
att.CanEncrypt = false;
att.CanDecrypt = false;
att.CanDerive = false;
att.CanSign = false;
att.CanVerify = false;
att.CanUnwrap = false;
try {
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, 1024, att, out public_key, out private_key), Is.EqualTo(SecStatusCode.Success), "GenerateKeyPair");
Assert.Throws <ArgumentException> (() => { SecKey.GenerateKeyPair(SecKeyType.Invalid, -1, null, out _, out _); }, "GenerateKeyPair - Invalid");
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, -1, null, out _, out _), Is.EqualTo(SecStatusCode.Param), "GenerateKeyPair - Param issue, invalid RSA key size");
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, 1024, null, out _, out _), Is.EqualTo(SecStatusCode.Success), "GenerateKeyPair - Null optional params, success");
#if IOS
var att2 = new SecPublicPrivateKeyAttrs();
att2.IsPermanent = false;
att2.EffectiveKeySize = 1024;
att2.CanEncrypt = true;
att2.CanDecrypt = true;
att2.CanDerive = true;
att2.CanSign = true;
att2.CanVerify = true;
att2.CanUnwrap = true;
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, 1024, att, att2, out public_key, out private_key), Is.EqualTo(SecStatusCode.Success), "GenerateKeyPair - iOS Only API");
#endif
if (TestRuntime.CheckXcodeVersion(8, 0))
{
using (var attrs = public_key.GetAttributes()) {
Assert.That(attrs.Count, Is.GreaterThan((nuint)0), "public/GetAttributes");
}
using (var attrs = private_key.GetAttributes()) {
Assert.That(attrs.Count, Is.GreaterThan((nuint)0), "private/GetAttributes");
}
}
} finally {
var query = new SecRecord(SecKind.Key)
{
Label = att.Label,
};
SecStatusCode code;
do
{
// For some reason each call to SecKeyChain will only remove a single key, so do a loop.
code = SecKeyChain.Remove(query);
} while (code == SecStatusCode.Success);
}
}
public void GenerateKeyPairTest()
{
NSError error;
SecKey private_key;
SecKey public_key;
var att = new SecPublicPrivateKeyAttrs();
att.Label = "NotDefault";
att.IsPermanent = true;
att.ApplicationTag = new NSData();
att.EffectiveKeySize = 1024;
att.CanEncrypt = false;
att.CanDecrypt = false;
att.CanDerive = false;
att.CanSign = false;
att.CanVerify = false;
att.CanUnwrap = false;
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, 1024, att, out public_key, out private_key), Is.EqualTo(SecStatusCode.Success), "GenerateKeyPair");
Assert.Throws <ArgumentException> (() => { SecKey.GenerateKeyPair(SecKeyType.Invalid, -1, null, out _, out _); }, "GenerateKeyPair - Invalid");
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, -1, null, out _, out _), Is.EqualTo(SecStatusCode.Param), "GenerateKeyPair - Param issue, invalid RSA key size");
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, 1024, null, out _, out _), Is.EqualTo(SecStatusCode.Success), "GenerateKeyPair - Null optional params, success");
#if IOS
var att2 = new SecPublicPrivateKeyAttrs();
att2.IsPermanent = false;
att2.EffectiveKeySize = 1024;
att2.CanEncrypt = true;
att2.CanDecrypt = true;
att2.CanDerive = true;
att2.CanSign = true;
att2.CanVerify = true;
att2.CanUnwrap = true;
Assert.That(SecKey.GenerateKeyPair(SecKeyType.RSA, 1024, att, att2, out public_key, out private_key), Is.EqualTo(SecStatusCode.Success), "GenerateKeyPair - iOS Only API");
#endif
if (TestRuntime.CheckXcodeVersion(8, 0))
{
using (var attrs = public_key.GetAttributes()) {
Assert.That(attrs.Count, Is.GreaterThan(0), "public/GetAttributes");
}
using (var attrs = private_key.GetAttributes()) {
Assert.That(attrs.Count, Is.GreaterThan(0), "private/GetAttributes");
}
}
}
public static SecStatusCode GenerateKeyPair(SecKeyType type, int keySizeInBits, SecPublicPrivateKeyAttrs publicKeyAttrs, SecPublicPrivateKeyAttrs privateKeyAttrs, out SecKey publicKey, out SecKey privateKey)
{
if (type == SecKeyType.Invalid)
{
throw new ArgumentException("invalid 'SecKeyType'", nameof(type));
}
using (var dic = new NSMutableDictionary()) {
dic.LowlevelSetObject(type.GetConstant(), SecAttributeKey.Type);
using (var ksib = new NSNumber(keySizeInBits)) {
dic.LowlevelSetObject(ksib, SecKeyGenerationAttributeKeys.KeySizeInBitsKey.Handle);
if (publicKeyAttrs != null)
{
dic.LowlevelSetObject(publicKeyAttrs.GetDictionary(), SecKeyGenerationAttributeKeys.PublicKeyAttrsKey.Handle);
}
if (privateKeyAttrs != null)
{
dic.LowlevelSetObject(privateKeyAttrs.GetDictionary(), SecKeyGenerationAttributeKeys.PrivateKeyAttrsKey.Handle);
}
return(GenerateKeyPair(dic, out publicKey, out privateKey));
}
}
}
public static SecStatusCode GenerateKeyPair(SecKeyType type, int keySizeInBits, SecPublicPrivateKeyAttrs publicAndPrivateKeyAttrs, out SecKey publicKey, out SecKey privateKey)
{
#if !MONOMAC
// iOS (+friends) need to pass the strong dictionary for public and private key attributes to specific keys
// instead of merging them with other attributes.
return(GenerateKeyPair(type, keySizeInBits, publicAndPrivateKeyAttrs, publicAndPrivateKeyAttrs, out publicKey, out privateKey));
#else
if (type == SecKeyType.Invalid)
{
throw new ArgumentException("invalid 'SecKeyType'", nameof(type));
}
NSMutableDictionary dic;
if (publicAndPrivateKeyAttrs != null)
{
dic = new NSMutableDictionary(publicAndPrivateKeyAttrs.GetDictionary());
}
else
{
dic = new NSMutableDictionary();
}
dic.LowlevelSetObject(type.GetConstant(), SecAttributeKey.Type);
dic.LowlevelSetObject(new NSNumber(keySizeInBits), SecKeyGenerationAttributeKeys.KeySizeInBitsKey.Handle);
return(GenerateKeyPair(dic, out publicKey, out privateKey));
#endif
}
